feat(jans-config-api): user mgmt patch endpoint

JanssenProject · Apr 8, 2022 · 0427186 · 0427186
1 parent 84eadf6
commit 0427186
Show file tree

Hide file tree

Showing 4 changed files with 75 additions and 10 deletions.
diff --git a/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiConstants.java b/jans-config-api/common/src/main/java/io/jans/configapi/util/ApiConstants.java
@@ -112,5 +112,8 @@ private ApiConstants() {}
     public static final int DEFAULT_MAX_COUNT = 200;  
     public static final String SORT_BY = "sortBy";
     public static final String SORT_ORDER = "sortOrder";
+
+    //commaSeparatedString of attributes to be excluded in User fetch request
+    public static final String USER_EXCLUDED_ATTRIBUTES = "userPassword,"; 
 
 }
diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/UserResource.java b/jans-config-api/server/src/main/java/io/jans/configapi/rest/resource/auth/UserResource.java
@@ -18,6 +18,7 @@
 import io.jans.orm.model.PagedResult;
 
 import java.io.IOException;
+import java.lang.reflect.InvocationTargetException;
 import java.util.ArrayList;
 import java.util.List;
 import javax.enterprise.context.ApplicationScoped;
@@ -50,29 +51,34 @@ public Response getUsers(@DefaultValue(DEFAULT_LIST_SIZE) @QueryParam(value = Ap
             @DefaultValue("") @QueryParam(value = ApiConstants.PATTERN) String pattern,
             @DefaultValue(DEFAULT_LIST_START_INDEX) @QueryParam(value = ApiConstants.START_INDEX) int startIndex,
             @QueryParam(value = ApiConstants.SORT_BY) String sortBy,
-            @QueryParam(value = ApiConstants.SORT_ORDER) String sortOrder) {
+            @QueryParam(value = ApiConstants.SORT_ORDER) String sortOrder) throws IllegalAccessException, InvocationTargetException {
         if (logger.isDebugEnabled()) {
             logger.debug("User search param - limit:{}, pattern:{}, startIndex:{}, sortBy:{}, sortOrder:{}",
                     escapeLog(limit), escapeLog(pattern), escapeLog(startIndex), escapeLog(sortBy),
                     escapeLog(sortOrder));
         }
         SearchRequest searchReq = createSearchRequest(userSrv.getPeopleBaseDn(), pattern, sortBy, sortOrder, startIndex,
-                limit, null, null);
+                limit, null, ApiConstants.USER_EXCLUDED_ATTRIBUTES);
 
-        final List<User> users = this.doSearch(searchReq);
-        logger.debug("User search result:{}", users);
+        List<User> users = this.doSearch(searchReq);
+        logger.debug("User search result:{}", users);        
+
         return Response.ok(users).build();
     }
 
     @GET
     @ProtectedApi(scopes = { ApiAccessConstants.USER_WRITE_ACCESS })
     @Path(ApiConstants.INUM_PATH)
-    public Response getUserByInum(@PathParam(ApiConstants.INUM) @NotNull String inum) {
+    public Response getUserByInum(@PathParam(ApiConstants.INUM) @NotNull String inum) throws IllegalAccessException, InvocationTargetException {
         if (logger.isDebugEnabled()) {
             logger.debug("User search by inum:{}", escapeLog(inum));
         }
         User user = userSrv.getUserByInum(inum);
         logger.debug("user:{}", user);
+
+        //excludedAttributes
+        user = userSrv.excludedAttributes(user, ApiConstants.USER_EXCLUDED_ATTRIBUTES);
+
         return Response.ok(user).build();
     }
 
@@ -100,7 +106,7 @@ public Response updateUser(@Valid User user) {
     }
 
     @PATCH
-    @Consumes(MediaType.APPLICATION_JSON_PATCH_JSON)
+    //@Consumes(MediaType.APPLICATION_JSON_PATCH_JSON)
     @ProtectedApi(scopes = { ApiAccessConstants.USER_WRITE_ACCESS })
     @Path(ApiConstants.INUM_PATH)
     public Response patchUser(@PathParam(ApiConstants.INUM) @NotNull String inum, @NotNull UserPatchRequest userPatchRequest) throws JsonPatchException, IOException {
@@ -119,7 +125,8 @@ public Response patchUser(@PathParam(ApiConstants.INUM) @NotNull String inum, @N
 
         return Response.ok(existingUser).build();
     }
-
+
+
     @DELETE
     @Path(ApiConstants.INUM_PATH)
     @ProtectedApi(scopes = { ApiAccessConstants.USER_DELETE_ACCESS })
@@ -133,7 +140,7 @@ public Response deleteUser(@PathParam(ApiConstants.INUM) @NotNull String inum) {
         return Response.noContent().build();
     }
 
-    private List<User> doSearch(SearchRequest searchReq) {
+    private List<User> doSearch(SearchRequest searchReq) throws IllegalAccessException, InvocationTargetException{
         if (logger.isDebugEnabled()) {
             logger.debug("User search params - searchReq:{} ", escapeLog(searchReq));
         }
@@ -151,7 +158,14 @@ private List<User> doSearch(SearchRequest searchReq) {
         if (logger.isDebugEnabled()) {
             logger.debug("Users fetched  - users:{}", users);
         }
+
+        //excludedAttributes
+        users = userSrv.excludedAttributes(users, searchReq.getExcludedAttributesStr());
+
         return users;
     }
+
+
+
 
 }
diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/UserService.java b/jans-config-api/server/src/main/java/io/jans/configapi/service/auth/UserService.java
@@ -11,6 +11,7 @@
 import io.jans.as.common.util.AttributeConstants;
 import io.jans.as.model.config.StaticConfiguration;
 import io.jans.as.model.configuration.AppConfiguration;
+import io.jans.configapi.util.AuthUtil;
 import io.jans.configapi.core.util.Jackson;
 import io.jans.configapi.model.user.UserPatchRequest;
 import io.jans.configapi.rest.model.SearchRequest;
@@ -23,13 +24,14 @@
 import static io.jans.as.model.util.Util.escapeLog;
 
 import java.io.IOException;
-import java.util.ArrayList;
+import java.lang.reflect.InvocationTargetException;
+import java.util.Arrays;
 import java.util.List;
 import javax.enterprise.context.ApplicationScoped;
 import javax.inject.Inject;
 import javax.inject.Named;
-import javax.ws.rs.core.Response;
 
+import org.apache.commons.beanutils.BeanUtils;
 import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 
@@ -45,6 +47,9 @@ public class UserService extends io.jans.as.common.service.common.UserService {
 
     @Inject
     private AppConfiguration appConfiguration;
+
+    @Inject
+    AuthUtil authUtil;
 
     @Override
     public List<String> getPersonCustomObjectClassList() {
@@ -148,5 +153,38 @@ else if (attribute.getValue() == null || attribute.getValues() == null) {
 
         return user;
     }
+
+    public List<User> excludedAttributes(List<User> users, String commaSeparatedString) throws IllegalAccessException, InvocationTargetException {
+        logger.error("Attributes:{} to be excluded from users:{} ", commaSeparatedString, users);
+        for(User user: users) {
+            user = excludedAttributes(user, commaSeparatedString);
+        }
+        logger.error("Users:{} after excluding attribute:{} ", users, commaSeparatedString);
+
+        return users;
+    }
+
+    public User excludedAttributes(User user, String commaSeparatedString) throws IllegalAccessException, InvocationTargetException {
+        logger.error("Attributes:{} to be excluded from user:{} ", commaSeparatedString, user);
+        if(user == null || StringUtils.isEmpty(commaSeparatedString)) {
+            return user;
+        }
+        List<String> excludedAttributes = Arrays.asList(commaSeparatedString.split(","));
+        logger.error("Attributes List:{} to be excluded ", excludedAttributes);
+
+        for(String attribute : excludedAttributes) {
+            logger.error("User class conatins attribute:{} ? :{}  ", attribute, authUtil.doesObjectContainField(user,attribute));
+            if(authUtil.doesObjectContainField(user,attribute)) {
+                BeanUtils.setProperty(user,attribute,null);
+
+            }
+            else {
+                logger.error("Removing custom attribute:{} from user:{} ", attribute, user);
+                user.removeAttribute(attribute);
+            }
+        }        
+
+        return user;
+    }
 
 }
diff --git a/jans-config-api/server/src/main/java/io/jans/configapi/util/AuthUtil.java b/jans-config-api/server/src/main/java/io/jans/configapi/util/AuthUtil.java
@@ -32,6 +32,7 @@
 import javax.ws.rs.core.Response;
 
 import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 
 @ApplicationScoped
@@ -352,5 +353,14 @@ public List<String> findMissingElements(List<String> list1, List<String> list2)
     public boolean isEqualCollection(List<String> list1, List<String> list2) {
         return CollectionUtils.isEqualCollection(list1, list2);
     }
+
+    public boolean doesObjectContainField(Object object, String fieldName) {
+        log.error("Check if object:{} contain fieldName:{} ", object, fieldName);
+        if(object == null || StringUtils.isEmpty(fieldName)) {
+            return false;
+        }
+        return Arrays.stream(object.getClass().getFields())
+                .anyMatch(f -> f.getName().equals(fieldName));
+    }
 
 }